locked
No Netlogon Share RRS feed

  • Question

  • I just promoted a Win 2008 R2 server to a DC - I chose part of existing forest and domain. The other DC is a 2003 server - I have transfered all the FSMO roles to the 2008 R2 server. I would like to demote the 2003 server but the 2008 R2 server has no netlogon share that I can find. There is a sysvol folder under Windows with 4 folders domain, staging, staging areas and sysvol - domain and staging are empty and staging area and sysvol both have shortcuts pointing back to sysvol and the shortcut has the name of the domain. I have no scripts folder, sysvol is not shared and ther is no netlogon share.

    Will this be corrected when I demote the 2003 DC or is this something that should be corrected first and if so any ideas how? I do not want to demote the 2003 DC and not have the abilty to logon to the domain from the workstations. THANK YOU

    Friday, August 19, 2011 7:12 PM

Answers

  • For rebuilding the Sysvol/Netlogon, you don't require any copy on any DC. The quickest option is only restore Sysvol/Netlogon from the backup.

     

    Regards  


    Awinish Vishwakarma

    MY BLOG:  http://awinish.wordpress.com

    This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    • Marked as answer by Jsurf44 Monday, August 22, 2011 8:50 PM
    Monday, August 22, 2011 5:07 PM

All replies

  • This article may help.

    Restoring and Rebuilding SYSVOL
    http://technet.microsoft.com/en-us/library/cc816596(WS.10).aspx

     

     

     

     


    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]
    Saturday, August 20, 2011 2:22 AM
  • This has has to be corrected first & then windows 2003 to be demoted. You can refer below article to correct Sysvol/Netlogon issue or perform Non-Authoritative restore using below article.The below article applies for windows 2008 R2 even, so ignore the OS version.

    http://support.microsoft.com/kb/947022

    How to force a non-authoritative restore of the data in the Sysvol folder on a domain controller in Windows 2000 Server and in Windows Server 2003

    http://support.microsoft.com/kb/840674

    http://msdn.microsoft.com/en-us/library/cc507518%28v=vs.85%29.aspx

    You are also required to make DC with PDC FSMO role holder as time server too, becasue by default when PDC is moved, that DC doesn't become time server. DC with PDC should sync time server from external source & internal domain clients should sync from PDC, you are also required to make sure port 123 UDP is open for time service. 

    How to configure authoritative time server

    http://support.microsoft.com/kb/816042 

    Before demoting the windows 2003 DC, make sure new DC points itself for DNS as preferred DNS server & other DC as alternate DNS server. All the client systems(Application server/domain clients etc) should be updated to new DNS, if windows 2003 was also a DNS server.

    You can first shutdown DC for a week at least to measure the impact & when its confirmed everything is working fine, then demote it. You can also use DCDIAG tool to scan the health of your DC/Domain.

    What does DCDIAG actually… do?

    http://blogs.technet.com/b/askds/archive/2011/03/22/what-does-dcdiag-actually-do.aspx

     

    Regards


    Awinish Vishwakarma

    MVP-Directory Services

    MY BLOG:  http://awinish.wordpress.com

    This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    Saturday, August 20, 2011 4:50 PM
  • Hi,

     

    I would like to confirm what is the current situation? If there is anything that I can do for you, please do not hesitate to let me know, and I will be happy to help.

    Regards,

     

    Arthur Li

     

    Forum Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    tnmff@microsoft.com.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Monday, August 22, 2011 1:53 PM
  • I am just reading this as I did not receive any email alerts that there were responses - thank you all that replied.

    I am still in need of assistance here is what I did so far:

    The 2003 server had a journal wrap error so I followed the instructions on the event log and added the reg key "enable journal wrap automatic restore" and set it to 1 (I stopped ntfrs first) then started ntfrs at this point I lost the SYSVOL share on the 2003 server!!

    At this point no one could log on so following another article I stopped and disabled ntfrs on the 2008 server then I stopped ntfrs on the 2003 server and added the D4 value to the burflags key (2003) then started ntfrs on the 2003 server - on the 2008 server I added the D2 value for burflags then enabled and started ntfrs. I did get the 13516 event log on both servers stating ntfrs is no longer preventing the computer from becoming a domain controller and the SYSVOL should now be shared.

    So at this point both servers have a SYSVOL share but neither have a NETLOGON share so I know I still have problems but I can log on to the domain at this point and get to my shares. Both servers SYSVOL folders have a shortcut with the name of the domain pointing back to sysvol - there is no folder in there with the domain name and of course no folder below that like the scripts folder.

    Thank you, James


    Monday, August 22, 2011 3:27 PM
  • You might check the article I posted about rebuilding sysvol on 2008 server. I'd start a new thread on the 2003 server journal wrap issue with text from all system event log errors.

     

     

     


    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]
    Monday, August 22, 2011 4:27 PM
  • Do you have Netlogon on any DC, if not, you can restore complete sysvol from back or if there is no backup available, you can rebuilt Sysvol/Netlogon share.

    http://support.microsoft.com/kb/315457

     

    Regards  


    Awinish Vishwakarma

    MY BLOG:  http://awinish.wordpress.com

    This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    Monday, August 22, 2011 4:40 PM
  • I think that article may have helped if I tried it first - at this point I do not have a complete SYSVOL share on either of the two servers and if I understand the article correctly you need one good one to replicate from??

    I longer have an issue with the journal wrap error - the real issue right now is the missing folders on the 2003 server (and 2008 server) under SYSVOL as I have no policies folder and no scripts folder and of course no NETLOGON share.

    Thank you, James

    Monday, August 22, 2011 4:45 PM
  • For 2008

    Restoring and Rebuilding SYSVOL
    http://technet.microsoft.com/en-us/library/cc816596(WS.10).aspx

     

    For 2003

    How to rebuild the SYSVOL tree and its content in a domain
    http://support.microsoft.com/kb/315457

     

     

     

     

     


    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]
    Monday, August 22, 2011 4:48 PM
  • You can backup the current sysvol content by stopping the FRS service, delete the sysvol & rebuilt it using the article posted in my earlier post & then copy the conent of sysvol back to it once its rebuilt.

     

    Regards  


    Awinish Vishwakarma

    MY BLOG:  http://awinish.wordpress.com

    This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    Monday, August 22, 2011 4:54 PM
  • I do have a backup of the 2003 server and I think Awinish is saying I can restore from that if so how would go about restoring from backup?

    Again I do not THINK I can rebuild SYSVOL without a having a copy of it on another DC unless I am reading the article incorrectly?

    Monday, August 22, 2011 4:56 PM
  • I have no contents! No Scripts or Policies folder...
    Monday, August 22, 2011 4:58 PM
  • Yes, you should import sysvol as outlined in these articles.

     

     

     

     


    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]
    Monday, August 22, 2011 4:59 PM
  • For rebuilding the Sysvol/Netlogon, you don't require any copy on any DC. The quickest option is only restore Sysvol/Netlogon from the backup.

     

    Regards  


    Awinish Vishwakarma

    MY BLOG:  http://awinish.wordpress.com

    This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    • Marked as answer by Jsurf44 Monday, August 22, 2011 8:50 PM
    Monday, August 22, 2011 5:07 PM
  • When I look at my backup of the 2003 server the SYSVOL folder has the 4 folders under it that should be there but the domain folder is the only folder with that has the policies and scripts folder - here is what I have in the backup

    SYSVOL\domain\policies

    SYSVOL\domain\scripts

    SYSVOL\staging

    SYSVOL\staging areas

    SYSVOL\staging areas\domain.local (shortcut)

    SYSVOL\sysvol\domain.local (shortcut)

    I apologize if I am not understanding correctly I am really trying to resolve this

    Thank you, James

    Monday, August 22, 2011 5:24 PM
  • Yes users can logon and run programs from the shares

    I will have to check if the logon script is running - no drive letters have changed and the drives are there but they just be there from a logon prior to the change.

    Not sure how they would run without the NETLOGON share?

     

    Thank You, James


    Monday, August 22, 2011 5:26 PM
  • Just trying to make sure if they're located anywhere or not. Seems they're probably gone and if no backups you'll have to recreate them.

     

     

     


    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]
    Monday, August 22, 2011 5:56 PM
  • Thanks All - I had to restore the folders from backup then do the D4 restore.

     

    Thank you again for assistance...

     

    James

    Monday, August 22, 2011 8:52 PM
  • My SBS 2003 server was in a journal wrap error ( check frs logs ) followed the instructions on how to repair in the event log.  Restarted ntfrs on both servers and both sysvol / netlogon showed up on my 2012r2 server
    Tuesday, May 6, 2014 5:22 PM